Login Bypass Vulnerability in Intelbras Roteador ACtion RF 1200
CVE-2024-22773

8.1HIGH

Key Information:

Vendor: Intelbras
Status: Action Rf 1200 Firmware
Vendor: CVE Published:; 6 February 2024

What is CVE-2024-22773?

The vulnerability in Intelbras Action RF 1200 and Action RG 1200 routers allows exposed passwords in browser cookies, which can be exploited for login bypass. This flaw affects versions 1.2.2 and earlier of the Action RF 1200 routers and versions 2.1.7 and earlier of the Action RG 1200 routers. Attackers can leverage this weakness to gain unauthorized access to network settings and user data, emphasizing the importance of updating to secure versions and reinforcing overall network security practices.

References

https://medium.com/%40wagneralves_87750/poc-cve-2024-2277...

https://www.youtube.com/watch?v=-r0TWJq55DU&t=7s

https://www.intelbras.com/en/router-wi-fi-5-dual-band-ac-...

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 6, 2024
Vulnerability Reserved
Jan 11, 2024

JSON